authentication

package
v0.54.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 29, 2024 License: BSD-3-Clause Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// LoadUserConsumerOptions groups the option functions that can be passed to
// the user-consumer load functions through their variadic
// opts ...LoadUserConsumerOptionFunc parameter. Each exported field is bound
// to an unexported loader defined elsewhere in the package.
// NOTE(review): the field names suggest WithAuthentifiedUserWithContacts also
// loads the user's contact data; confirm against the loader, and pass only the
// option a caller actually needs so that data is not loaded unnecessarily.
var LoadUserConsumerOptions = struct {
	Default                          LoadUserConsumerOptionFunc
	WithAuthentifiedUser             LoadUserConsumerOptionFunc
	WithAuthentifiedUserWithContacts LoadUserConsumerOptionFunc
	WithConsumerGroups               LoadUserConsumerOptionFunc
}{
	Default:                          loadDefault,
	WithAuthentifiedUser:             loadAuthentifiedUser,
	WithAuthentifiedUserWithContacts: loadAuthentifiedUserWithContacts,
	WithConsumerGroups:               loadConsumerGroups,
}

LoadUserConsumerOptions provides all options for the auth consumer load functions.

Functions

func CheckDefaultSigninStateToken

func CheckDefaultSigninStateToken(signature string) error

CheckDefaultSigninStateToken checks if a given signature is a valid signin state.

func CheckSession

func CheckSession(ctx context.Context, db gorp.SqlExecutor, store cache.Store, sessionID string) (*sdk.AuthSession, error)

CheckSession returns the session if valid for given id.

func CheckSessionWithCustomMFADuration

func CheckSessionWithCustomMFADuration(ctx context.Context, db gorp.SqlExecutor, store cache.Store, sessionID string, durationMFA time.Duration) (*sdk.AuthSession, error)

CheckSessionWithCustomMFADuration returns the session if valid for given id.

func ConsumerInvalidateGroupForUser

func ConsumerInvalidateGroupForUser(ctx context.Context, db gorpmapper.SqlExecutorWithTx, g *sdk.Group, u *sdk.AuthentifiedUser) error

ConsumerInvalidateGroupForUser sets the group as invalid in all of the user's consumers and sets a warning.

func ConsumerInvalidateGroupsForUser

func ConsumerInvalidateGroupsForUser(ctx context.Context, db gorpmapper.SqlExecutorWithTx, userID string, userGroupIDs sdk.Int64Slice) error

ConsumerInvalidateGroupsForUser sets groups as invalid, in all of the user's consumers, if the user is not a member of them, and sets a warning.

func ConsumerRegen

func ConsumerRegen(ctx context.Context, db gorpmapper.SqlExecutorWithTx, consumer *sdk.AuthUserConsumer, overlapDuration, newDuration time.Duration) error

ConsumerRegen updates a consumer's issue date to invalidate the old signin token.

func ConsumerRemoveGroup

func ConsumerRemoveGroup(ctx context.Context, db gorpmapper.SqlExecutorWithTx, g *sdk.Group) error

ConsumerRemoveGroup removes the given group from all consumers that use it, and sets a warning and the disabled state if needed.

func ConsumerRestoreInvalidatedGroupForUser

func ConsumerRestoreInvalidatedGroupForUser(ctx context.Context, db gorpmapper.SqlExecutorWithTx, groupID int64, userID string) error

ConsumerRestoreInvalidatedGroupForUser checks if there are consumers for the given user where the group was invalidated, then restores it and removes the warning.

func ConsumerRestoreInvalidatedGroupsForUser

func ConsumerRestoreInvalidatedGroupsForUser(ctx context.Context, db gorpmapper.SqlExecutorWithTx, userID string) error

ConsumerRestoreInvalidatedGroupsForUser restores invalidated groups for all of the user's consumers; this should be used only for an admin user.

func DeleteConsumerByID

func DeleteConsumerByID(db gorp.SqlExecutor, id string) error

DeleteConsumerByID removes an auth consumer from the database for the given id.

func DeleteSessionByID

func DeleteSessionByID(db gorp.SqlExecutor, id string) error

DeleteSessionByID removes an auth session from the database for the given id.

func GetIssuerName

func GetIssuerName() string

func GetSessionActivity

func GetSessionActivity(store cache.Store, sessionID string) (exists bool, lastActivity time.Time, err error)

GetSessionActivity returns whether the given session is active.

func GetSessionXSRFToken

func GetSessionXSRFToken(store cache.Store, sessionID string) (string, bool)

GetSessionXSRFToken returns an XSRF token from the cache if one exists for the given session.

func GetSigningKey

func GetSigningKey() *rsa.PrivateKey

func HatcheryConsumerRegen added in v0.53.1

func HatcheryConsumerRegen(ctx context.Context, db gorpmapper.SqlExecutorWithTx, consumer *sdk.AuthHatcheryConsumer) error

func Init

func Init(ctx context.Context, issuer string, keys []KeyConfig) error

Init initializes the package by passing the signing key.

func InsertHatcheryConsumer added in v0.53.0

func InsertHatcheryConsumer(ctx context.Context, db gorpmapper.SqlExecutorWithTx, ac *sdk.AuthHatcheryConsumer) error

InsertHatcheryConsumer in database.

func InsertSession

func InsertSession(ctx context.Context, db gorpmapper.SqlExecutorWithTx, as *sdk.AuthSession) error

InsertSession in database.

func InsertUserConsumer added in v0.53.0

func InsertUserConsumer(ctx context.Context, db gorpmapper.SqlExecutorWithTx, ac *sdk.AuthUserConsumer) error

InsertUserConsumer in database.

func LoadConsumerByID

func LoadConsumerByID(ctx context.Context, db gorp.SqlExecutor, consumerID string) (*sdk.AuthConsumer, error)

func LoadExpiredSessions

func LoadExpiredSessions(ctx context.Context, db gorp.SqlExecutor, opts ...LoadSessionOptionFunc) ([]sdk.AuthSession, error)

LoadExpiredSessions returns all expired sessions.

func LoadHatcheryConsumerByAuthConsumerID added in v0.53.1

func LoadHatcheryConsumerByAuthConsumerID(ctx context.Context, db gorp.SqlExecutor, consumerID string) (*sdk.AuthHatcheryConsumer, error)

func LoadHatcheryConsumerByName added in v0.53.0

func LoadHatcheryConsumerByName(ctx context.Context, db gorp.SqlExecutor, hatcheryName string) (*sdk.AuthHatcheryConsumer, error)

func LoadSessionByID

func LoadSessionByID(ctx context.Context, db gorp.SqlExecutor, id string, opts ...LoadSessionOptionFunc) (*sdk.AuthSession, error)

LoadSessionByID returns an auth session from database.

func LoadSessionsByConsumerIDs

func LoadSessionsByConsumerIDs(ctx context.Context, db gorp.SqlExecutor, consumerIDs []string, opts ...LoadSessionOptionFunc) ([]sdk.AuthSession, error)

LoadSessionsByConsumerIDs returns all auth sessions from database for given consumer ids.

func LoadUserConsumerByID added in v0.53.0

func LoadUserConsumerByID(ctx context.Context, db gorp.SqlExecutor, id string, opts ...LoadUserConsumerOptionFunc) (*sdk.AuthUserConsumer, error)

LoadUserConsumerByID returns an auth consumer from database.

func LoadUserConsumerByTypeAndUserExternalID added in v0.53.0

func LoadUserConsumerByTypeAndUserExternalID(ctx context.Context, db gorp.SqlExecutor, consumerType sdk.AuthConsumerType, userExternalID string, opts ...LoadUserConsumerOptionFunc) (*sdk.AuthUserConsumer, error)

LoadUserConsumerByTypeAndUserExternalID returns an auth consumer from database for given type and user external id.

func LoadUserConsumerByTypeAndUserID added in v0.53.0

func LoadUserConsumerByTypeAndUserID(ctx context.Context, db gorp.SqlExecutor, consumerType sdk.AuthConsumerType, userID string, opts ...LoadUserConsumerOptionFunc) (*sdk.AuthUserConsumer, error)

LoadUserConsumerByTypeAndUserID returns an auth consumer from database for given type and user id.

func LoadUserConsumersByGroupID added in v0.53.0

func LoadUserConsumersByGroupID(ctx context.Context, db gorp.SqlExecutor, groupID int64, opts ...LoadUserConsumerOptionFunc) (sdk.AuthUserConsumers, error)

LoadUserConsumersByGroupID returns all consumers from database that refer to given group id.

func LoadUserConsumersByUserID added in v0.53.0

func LoadUserConsumersByUserID(ctx context.Context, db gorp.SqlExecutor, id string, opts ...LoadUserConsumerOptionFunc) (sdk.AuthUserConsumers, error)

LoadUserConsumersByUserID returns auth consumers from database for given user id.

func NewConsumerExternal

func NewConsumerExternal(ctx context.Context, db gorpmapper.SqlExecutorWithTx, userID string, consumerType sdk.AuthConsumerType, userInfo sdk.AuthDriverUserInfo) (*sdk.AuthUserConsumer, error)

NewConsumerExternal returns a new local consumer for given data.

func NewConsumerHatchery added in v0.53.0

func NewConsumerWorker

func NewConsumerWorker(ctx context.Context, db gorpmapper.SqlExecutorWithTx, name string, hatcheryConsumer *sdk.AuthUserConsumer) (*sdk.AuthUserConsumer, error)

func NewConsumerWorkerV2 added in v0.53.0

func NewConsumerWorkerV2(ctx context.Context, db gorpmapper.SqlExecutorWithTx, name string, hatcheryConsumer *sdk.AuthHatcheryConsumer) (*sdk.AuthHatcheryConsumer, error)

func NewDefaultSigninStateToken

func NewDefaultSigninStateToken(signinState sdk.AuthSigninConsumerToken) (string, error)

NewDefaultSigninStateToken returns a jws used for signin request.

func NewSession

NewSession returns a new session for a given auth consumer.

func NewSessionJWT

func NewSessionJWT(s *sdk.AuthSession, externalSessionID string) (string, error)

NewSessionJWT generates a signed token for the given auth session.

func NewSessionWithMFA

func NewSessionWithMFA(ctx context.Context, db gorpmapper.SqlExecutorWithTx, store cache.Store, c *sdk.AuthUserConsumer, duration time.Duration) (*sdk.AuthSession, error)

NewSessionWithMFA returns a new session for a given auth consumer with MFA.

func NewSessionWithMFACustomDuration

func NewSessionWithMFACustomDuration(ctx context.Context, db gorpmapper.SqlExecutorWithTx, store cache.Store, c *sdk.AuthUserConsumer, duration, durationMFA time.Duration) (*sdk.AuthSession, error)

NewSessionWithMFACustomDuration returns a new session for a given auth consumer with MFA and custom MFA duration.

func NewSessionXSRFToken

func NewSessionXSRFToken(store cache.Store, sessionID string, sessionExpirationDelaySecond int) (string, error)

NewSessionXSRFToken generates and stores an XSRF token for a given session id.

func SessionCleaner

func SessionCleaner(ctx context.Context, dbFunc func() *gorp.DbMap, tickerDuration time.Duration)

SessionCleaner must be run as a goroutine

func SetSessionActivity

func SetSessionActivity(store cache.Store, durationMFA time.Duration, sessionID string) error

SetSessionActivity stores activity in the cache for the given session.

func SignJWS

func SignJWS(content interface{}, now time.Time, duration time.Duration) (string, error)

func SignJWT

func SignJWT(jwtToken *jwt.Token) (string, error)

func UnsafeLoadCorruptedSessions

func UnsafeLoadCorruptedSessions(ctx context.Context, db gorp.SqlExecutor) ([]sdk.AuthSession, error)

UnsafeLoadCorruptedSessions should not be used

func UpdateConsumerLastAuthentication

func UpdateConsumerLastAuthentication(ctx context.Context, db gorp.SqlExecutor, ac *sdk.AuthConsumer) error

UpdateConsumerLastAuthentication updates only the column last_authentication

func UpdateHatcheryConsumer added in v0.53.1

func UpdateHatcheryConsumer(ctx context.Context, db gorpmapper.SqlExecutorWithTx, ac *sdk.AuthHatcheryConsumer) error

func UpdateUserConsumer added in v0.53.0

func UpdateUserConsumer(ctx context.Context, db gorpmapper.SqlExecutorWithTx, ac *sdk.AuthUserConsumer) error

UpdateUserConsumer in database.

func VerifyJWS

func VerifyJWS(signature string, content interface{}) error

func VerifyJWT

func VerifyJWT(token *jwt.Token) (interface{}, error)

Types

type AuthConsumerOld added in v0.53.0

// AuthConsumerOld is the legacy auth consumer record. Every field carries a
// db tag naming its column; most also carry json and cli tags. It is returned
// by LoadOldConsumers, which the package documents as deprecated and for
// migration use only.
type AuthConsumerOld struct {
	ID                           string                          `json:"id" cli:"id,key" db:"id"`
	Name                         string                          `json:"name" cli:"name" db:"name"`
	Type                         sdk.AuthConsumerType            `json:"type" cli:"type" db:"type"`
	Description                  string                          `json:"description" cli:"description" db:"description"`
	ParentID                     *string                         `json:"parent_id,omitempty" db:"parent_id"`
	Created                      time.Time                       `json:"created" cli:"created" db:"created"`
	DeprecatedIssuedAt           time.Time                       `json:"issued_at" cli:"issued_at" db:"issued_at"`
	Disabled                     bool                            `json:"disabled" cli:"disabled" db:"disabled"`
	Warnings                     sdk.AuthConsumerWarnings        `json:"warnings,omitempty" db:"warnings"`
	LastAuthentication           *time.Time                      `json:"last_authentication,omitempty" db:"last_authentication"`
	ValidityPeriods              sdk.AuthConsumerValidityPeriods `json:"validity_periods,omitempty" db:"validity_periods"`
	AuthentifiedUserID           string                          `json:"user_id,omitempty" db:"user_id"`
	// The json:"-" tag keeps Data out of encoding/json output; the db tag still
	// maps it to the data column.
	// NOTE(review): an encoder that ignores json tags, or a %+v log of the
	// struct, would not be covered by that tag; confirm no such path exists.
	Data                         sdk.AuthConsumerData            `json:"-" db:"data"` // NEVER return auth consumer data in JSON. TODO: this field should be visible only in the auth package.
	GroupIDs                     sdk.Int64Slice                  `json:"group_ids,omitempty" cli:"group_ids" db:"group_ids"`
	InvalidGroupIDs              sdk.Int64Slice                  `json:"invalid_group_ids,omitempty" db:"invalid_group_ids"`
	ScopeDetails                 sdk.AuthConsumerScopeDetails    `json:"scope_details,omitempty" cli:"scope_details" db:"scope_details"`
	ServiceName                  *string                         `json:"service_name,omitempty" db:"service_name"`
	ServiceType                  *string                         `json:"service_type,omitempty" db:"service_type"`
	ServiceRegion                *string                         `json:"service_region,omitempty" db:"service_region"`
	ServiceIgnoreJobWithNoRegion *bool                           `json:"service_ignore_job_with_no_region,omitempty" db:"service_ignore_job_with_no_region"`

	// NOTE(review): presumably the embedded gorpmapper.SignedEntity carries the
	// row signature that gorpmapper checks on load; confirm in gorpmapper.
	gorpmapper.SignedEntity
}

func LoadOldConsumers added in v0.53.0

func LoadOldConsumers(ctx context.Context, db gorp.SqlExecutor) ([]AuthConsumerOld, error)

Deprecated: LoadOldConsumers loads old consumers; use it only for migration.

func (AuthConsumerOld) Canonical added in v0.53.0

type KeyConfig added in v0.52.0

// KeyConfig is one key entry read from configuration (toml / mapstructure
// tags). Init accepts a slice of these as its keys parameter.
// NOTE(review): Key presumably holds the signing key material (GetSigningKey
// returns an *rsa.PrivateKey); if so, treat the whole struct as a secret and
// keep it out of logs, error messages and dumped configuration. Confirm.
// NOTE(review): Timestamp presumably identifies or orders keys for rotation;
// confirm against Init.
type KeyConfig struct {
	Timestamp int64  `toml:"timestamp" mapstructure:"timestamp"`
	Key       string `toml:"key" mapstructure:"key"`
}

type LoadSessionOptionFunc

// LoadSessionOptionFunc is the option type accepted by the session load
// functions (their variadic opts parameter). It receives the context, a SQL
// executor and zero or more *sdk.AuthSession, and returns an error.
// NOTE(review): the sessions are passed as pointers, presumably so that the
// option can fill in extra data in place; confirm against the implementations.
type LoadSessionOptionFunc func(context.Context, gorp.SqlExecutor, ...*sdk.AuthSession) error

LoadSessionOptionFunc for auth session.

type LoadUserConsumerOptionFunc added in v0.53.0

// LoadUserConsumerOptionFunc is the option type accepted by the user-consumer
// load functions (their variadic opts parameter); the predefined values are
// the fields of LoadUserConsumerOptions. It receives the context, a SQL
// executor and zero or more *sdk.AuthUserConsumer, and returns an error.
// NOTE(review): the consumers are passed as pointers, presumably so that the
// option can fill in extra data in place; confirm against the implementations.
type LoadUserConsumerOptionFunc func(context.Context, gorp.SqlExecutor, ...*sdk.AuthUserConsumer) error

LoadUserConsumerOptionFunc for auth consumer.

Directories

Path Synopsis
